You may know that hackers want to take over your devices and use them to get rich mining cryptocurrencies. What you may not know is the problem is getting worse very quickly.

That’s a key finding from McAfee Labs’ first-quarter threats report. The research unit of the computer security software company McAfee found what it calls a “stunning” 629 percent increase in coin miner malware during the first quarter compared with the fourth quarter of last year. This kind of malware infects a victim’s device and turns it into a cryptocurrency miner, allowing the attacker to pocket the profits.

Surprising Size

Although an increase in such attacks isn’t a shock, “the sheer size of attack is somewhat surprising,” Raj Samani, chief scientist at McAfee, tells ThirtyK. “From 400,000 known samples in the fourth quarter of 2017 to more than 2.9 million the next quarter is a massive increase in literally weeks.

The best way to protect yourself or your business from cryptocurrency malware attacks is practicing basic cyber hygiene.

The quarterly threats report from McAfee Labs is an overall look at growth and trends of new malware, ransomware and other cyberthreats. Among industries, health care saw the largest growth in overall reported security incidents, with a 47 percent increase over the previous quarter. Attackers used SAMSA ransomware to target hospitals. Some were compelled to pay up, as happened with two health care networks in Indiana.

The education sector saw the secondhighest increase in reported incidents, a 40 percent jump quarter to quarter. Finance saw a 39 percent increase, with activity coming from Russia, Turkey and South America.

Phishing for Bitcoin

For cryptocurrency specifically, the McAfee report highlighted HaoBao, a sophisticated phishing campaign aimed at stealing bitcoin (BTC) and run by cybercrime ring Lazarus. McAfee first detected the scam in January. The campaign targeted global financial organizations and bitcoin holders, sending recipients malicious email attachments that would then scan for bitcoin activity and establish an implant for persistent data gathering and crypto mining.

Although the sharp, quick increase in coin mining malware is significant, Samani says this type of malware is not as destructive as ransomware. With ransomware, “there is a clear ROI in these attacks,” he says, and the technology is not hard to get. “The widespread availability of tools and products that support such attacks has meant almost anyone can carry out such campaigns.”

The best way to protect yourself or your business from cryptocurrency malware attacks is “basic cyber hygiene” such as regular security updates, Samani says. McAfee also recommends not using public Wi-Fi, using a virtual private network, or VPN, and protecting all of your devices with comprehensive security software.

Jen A. Miller
Jen Miller's writing has appeared in The New York Times, Washington Post, CIO and Buzzfeed.